John Aldrich wrote:
>[EMAIL PROTECTED] wrote on Sunday, May 28, 2006 3:04 PM: > > > >>One of my servers which had 4.1.1 was hacked, when you try >>and connect with a VNC client you get: a message telling >>you "not an RFB server". >> >>If you telnet into port 5900 you get a nice Haxed message. >> >>Anyway all fine I have changed ports and installed 4.2, >>and blocked VNC to this server to only trusted IP's, >>however I would like to find out the dll or exe that is >>still on the server, does anyone know how I can see what >>is bound to port 5900, or know what the file is so I can >>squish the bug. >> >> >> >Ad-Aware and SpyBot S&D are your friends. AdAware is a free download from >http://www.lavasoft.de and SpyBot is from http://www.safer-networking.org >_______________________________________________ >VNC-List mailing list >[email protected] >To remove yourself from the list visit: >http://www.realvnc.com/mailman/listinfo/vnc-list > > > No that is not sufficient SysInternals regmon & Filemon will probably be required and yu'll need to compare againt a known clean machine with vnc 43 installed listdlls & handel will help 2 _______________________________________________ VNC-List mailing list [email protected] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
